There are several termination/removal options available to your LastPass Administrator. Please consider your options carefully prior to deleting or removing users. These actions can be performed from the Users tab in the Admin Console using the Actions column, or can be automated using the AD Sync Client or the API. There are three main termination options:
Disabling a user in your Enterprise puts a lock on the account. No one – not even your LastPass administrator – can log in to the account regardless of passwords or previous access. Once disabled, the license will be available for reassignment.
Removing a user from your Enterprise will disassociate (spin out) that user’s account from your company account. With this action, all Shared Folder data will be revoked immediately. LastPass will also prompt if you would like to “Delete Shares” or “Do Not Delete Shares”. Selecting to “Delete shares” will delete all sites within the account that have been shared to the user from other users in the Enterprise outside of Shared Folders. The account will otherwise still be fully available for use by the account owner, including all data that has been stored in the user’s vault. Once removed, the license will be available for reassignment.
Deleting an account FULLY DELETES ALL CONTENTS in the account. Any data stored within the account will be gone forever. Once deleted, the license will be available for reassignment.
***Please note that all LastPass Enterprise licenses are transferable once an account is disabled, removed, or deleted.***